CLAIMS 



1 . A method of controlling access to records stored in a database, said method 
comprising: 

defining at least one expression associated with at least one record of said 
database; 

evaluating said at least one expression for said at least one record; and 

allowing access to said at least one record based on said evaluating of 
said at least one expression. 

2. A method as recited in claim 1, wherein said at least one expression is a 
calculation expression that can be evaluated at least partly based on a value of at 
least one field of said at least one record. 

3. A method as recited in claim 1, wherein said at least one expression is a 
calculation expression that can be evaluated at least partly based on at least one 
state variable of said database. 

4. A method as recited in claim 1, 

wherein said at least one expression can be defined based on fields and 
state variables of said database, and 

wherein said evaluating operates to return only one of two possible 
values, one of said possible values indicating that access to said at least one 
record should be granted, and the other one of said possible values indicating 
that access to said at least one record should be denied. 

5. A method as recited in claim 1, wherein said evaluation is performed only 
when a request to access said at least one record has been received. 
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6. A method as recited in claim 1, wherein said defining of said at least one 
expression defines access privileges for a user of said database with respect to 
accessing one or more records of said database. 

5 

7. A method as recited in claim 1, wherein said defining of said at least one 
expression operates to define access privileges for a user of said database with 
respect to at least one operation that can be performed on one or more records 
of said database. 

10 

8. A method as recited in claim 1, 

wherein said defining of said expression defines access privileges for at 
least one user of said database with respect to access to one or more records in 
said database, and 

15 wherein said defining of said expression operates to define access 

privileges with respect to at least one operation that may be requested to be 
performed by said at least one user on one or more records of said database. 

9. A method as recited in claim 8, wherein said at least one user is assigned a 
20 password that is associated with said expression. 

10. A method as recited in claim 1, wherein access to said at least one record 
can be for browsing, editing, or deleting of said at least one record. 

25 1 1 . A method of controlling access to records stored in a database, said method 
comprising: 

identifying a password that is associated with one or more users of said 
database; 
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defining a calculation expression for said identified password, said 
calculation expression defining access privileges of said one or more users with 
respect to at least one operation that may be requested to be performed by said 
one or more users on one or more records of said database; 

5 receiving a request to perform said at least one operation on one or more 

records of said database, said request being identified as a request made by said 
one or more users associated with said password; 

evaluating said calculation expression when said request has been 
received; said evaluation returning only one of two possible values, one of said 
10 possible values indicating that said at least one operation should be granted and 
another one of said possible values indicating that said at least one operation 
should be denied; 

granting said at least one operation to be performed when said evaluation 
returns one said possible value to indicate that said at least one operation should 
15 be granted; and 

denying said at least one operation to be performed when said evaluation 
returns one said another possible value to indicate that said at least one 
operation should be denied. 

20 12. A method as recited in claim 1 1, wherein said at least one operation can be 
a browse, an edit, or a delete operation. 

13. A method as recited in claim 11, wherein said calculation expression is not 
explicitly defined for said at least one operation but said calculation expression is 
25 one that has been defined for another operation which has been considered as a 
related operation to said at least one operation. 
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14. A method as recited in claim 1 1, 

wherein said calculation expression can be evaluated at least partly based 
on a value of at least one field of said at least one record, and 

wherein said calculation expression can be evaluated at least partly based 
on at least one state variable of said database. 

15. A method as recited in claim 14, wherein said method further comprises: 

granting temporary or limited access to said at least one record to allow 
said evaluating of said calculation expression. 

1 6. A database system, said database system comprising: 

a database having one or more records stored therein; 

a database program including a Graphical User Interface that can be used 
to facilitate operations on said one or more records stored in said database; and 

wherein said Graphical User Interface operates to facilitate defining 
access privileges with respect to said one or more records stored in said 
database. 

1 7. A database system as recited in claim 1 6, wherein said Graphical User 
Interface operates to provide the ability for a user of said database to define an 
expression associated with at least one operation that may be requested to be 
performed by another user of said database on said one or more records stored 
in said database. 

18. A database system as recited in claim 16, wherein said Graphical User 
Interface operates to provide the ability for a user to define said expression 
without requiring said user to write a programming script. 
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19. A database system as recited in claim 16, 

wherein said Graphical User Interface provides a window that allows a 
user to interact with said Graphical User Interface to identify a password for 
which access privileges may be defined or re-defined. 

20. A database system as recited in claim 19, wherein said Graphical User 
Interface further provides a window that allows a user to specify a calculation 
expression which defines access privileges with respect to at least one operation 
that may be requested to be performed on said one or more records. 

21 . A database system as recited in claim 20, wherein said at least one operation 
can be a browse, edit, or a delete operation. 

22. A database system as recited in claim 20, 

wherein said calculation expression can be evaluated at least partly based 
on a value in at least one field of said one or more records of said database, and 

wherein said calculation expression can be evaluated at least partly based 
on at least one state variable of said database. 

23. A database system as recited in claim 16, wherein said database program 
operates to determine whether access to at least one of said one or more records 
should be granted or denied. 

24. A database system as recited in claim 23, wherein said determining of 
whether access to said at least one record should be granted or denied is 
performed by evaluating a calculation expression for said at least one of said one 
record. 
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25. A database system as recited in claim 24, 

wherein access to said at least one record is granted only when said 
determining determines that access should be granted, and 

wherein access to said at least one record is denied when said 
determining determines that access should be denied for said record. 

26. A database system as recited in claim 24, wherein said access to said at least 
one record can be for browsing, editing, or deleting of said record. 

27. A database system as recited in claim 24, 

wherein said database system further comprises a cache, and 

wherein said cache operates to store an evaluated result of at least one 
calculation expression. 

28. A computer readable medium including computer program code for 
controlling access to records stored in a database, said computer readable 
medium comprising: 

computer program code for defining at least one expression associated 
with at least one record of said database; 

computer program code for evaluating said at least one expression for 
said at least one record; and 

computer program code for allowing or denying access to said at least 
one record based on said evaluating of said at least one expression. 

29. A computer readable medium as recited in claim 28, 

wherein said at least one expression can be defined based on fields and 
state variables of said database, and 
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wherein said evaluating operates to return only one of two possible 
values, one of said possible values indicating that access should be granted and 
another one of said possible values indicating that access should be denied. 



5 30. A computer readable medium as recited in claim 28, 

wherein said defining of said expression is made to define access 
privileges of at least one user of said database with respect to access to one or 
more records of said database, and 

wherein said defining of said expression operates to define access 
10 privileges with respect to at least one operation that may be requested to be 
performed by said at least one user on one or more records of said database. 

31 . A computer readable medium as recited in claim 28, wherein said at least 
one user is assigned a password that is associated with said expression. 

15 

32. A computer readable medium as recited in claim 28, wherein access to said 
at least one record can be for browsing, editing, or deleting of said at least one 
record. 
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